Author Topic: I almost certainly have a keylogger, did AVAST get it?  (Read 235 times)

0 Members and 1 Guest are viewing this topic.

Offline nicolas266

  • Newbie
  • *
  • Posts: 2
I almost certainly have a keylogger, did AVAST get it?
« on: February 11, 2019, 10:49:29 PM »
I'm almost certainly have a keylogger. Someone accessed my Fortnite account. I changed my password and played a game - a few minutes later I was logged off with the message that someone else had logged in. When I got into the account again, purchases had been made and other settings changed, so someone was in there.

I can't see how this could be anything but a keylogger. The only alternative is that hackers can log into Fortnite accounts without a password or some middleman attack, but that seems farfetched.

I've done a complete AVAST Free scan with rootkit scanning enabled.

It found two instances of INI:Shortcut-inf[Trj] and quarantined them, can these be keyloggers? It doesn't seem like that?

Afterwards I ran adwCleaner and Malwarebytes which didn't find anything.

Fearing a rootkit I tried aswMBR, but after a while I get a BSOD (renaming to iexplorer.exe still causes the crash) and the computer reboots.

I tried Norton Power Eraser, it didn't find anything.

Did I get the keylogger? Any options for tools to find it?

Thanks in advance

Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35366
Re: I almost certainly have a keylogger, did AVAST get it?
« Reply #1 on: February 12, 2019, 12:12:35 AM »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline nicolas266

  • Newbie
  • *
  • Posts: 2
Re: I almost certainly have a keylogger, did AVAST get it?
« Reply #2 on: February 12, 2019, 09:39:23 AM »
Thanks

I can post the logs from what you ask above, but they're empty, no threats found.

I hope AVAST found the keylogger with the 2 hits on INI:Shortcut-inf[Trj].

Here is the log in AVAST that found those: https://imgur.com/a/NnJ1UHH there doesn't seem to an option to export the log? The text says "severity: high, moved to quarantine"

I have them in quarantine if you want me to do something with them.

So my question is, is INI:Shortcut-inf[Trj] a keylogger? The description I read of it here https://www.solvusoft.com/en/malware/trojans/ini-shortcut-inf/ makes it sound like it downloads other malware to my PC, but I haven't found anything else. So did I miss something else and I still have a keylogger?


Offline Pondus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 35366
Re: I almost certainly have a keylogger, did AVAST get it?
« Reply #3 on: February 12, 2019, 09:48:02 AM »
what we need are the two diagnostic logs from FRST (step #2) attach those logs

How to attach you find in the guide > link in my post above

@Sass Drake will then check logs when online ... it may take hours before he is online


« Last Edit: February 12, 2019, 04:21:50 PM by Pondus »
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.